Dices provably fair – Nonce overflow vulnerability

Most of bitcoin dice software use a system to prove the fair play of the server for each bet. Most of them implement this mechanism using two seed (server seed and client seed) combined with a session nonce in the aim to provide a fair random number for each bet and usually this nonce is initialized to 0 after each seed change.

But, what if this nonce is stored in an unsigned integer variable (32bit in 32bit systems, 2³² values)? Theorically after 2³²-1 bets, the nonce goes in overflow and return to 0.

Saving each bet roll for every play in the first 2³²-1 window, will provide a map function:

f: n → roll . (n < 2³²)

that could be used to declare a function g(m) that predicts every future roll:

g (m) = f (m % 2³²)

A simple fix for this problem is to regenerate the server seed and reset the nonce after 2³² bets.

MineML: F# miner

MineML is a multithread CPU based bitcoin miner written in F#. At the moment it’s a slow implementation, but the class structure offers the possibility to implement different type of MinerThread using different processing methods (opencl, cuda, or sha256 dedicated hardware).

The program structure is very simple: there’s a class (Program) that reads config file and creates the Miner object; the Miner object spawns MinerThread objects. At the moment there’s only the implementation for a CPU based thread, but will be possible to implement an opencl or cuda based thread.

The TODO list contains:

• Statistics
• GUI interface
• OpenCL thread implementation
• Difficulty handling

Want to work on? Fork it on github!